HTTP request via telnet

manuales - Linux

Si estas harto de hablar con humanos y te apetece hablar con servidores web, este es tu post xD

Ahora en serio, para usar telnet y comprobar que una web se encuentra operativa, ya sea por scripts de monitorización o comprobación rutinaria, aquí tienes (en ingles) unos cuantos pasos útiles para tu uso cotidiano :)

fuente: http://tonycode.com/wiki/index.php?title=Making_HTTP_requests_via_telnet

Simple telnet HTTP requests

 

Using Telnet is a great way to learn about HTTP requests.

For example.. back in the 90s microsoft was running their sites on apache. Nowadays they are eating their own dog food.  ;-)

Here is a simple HEAD request to microsoft.com via telnet.

$ telnet microsoft.com 80

Trying 207.46.232.182...

Connected to microsoft.com.

Escape character is '^]'.

HEAD / HTTP/1.0

 

HTTP/1.1 301 Moved Permanently

Connection: close

Date: Thu, 12 Jul 2007 15:25:37 GMT

Server: Microsoft-IIS/6.0

X-Powered-By: ASP.NET

Location: http://www.microsoft.com

Content-Length: 31

Content-Type: text/html

Set-Cookie: ASPSESSIONIDSCAQCSBR=FMPJMMPAMGNBFELIPABIHHMN; path=/

Cache-control: private

 

Connection closed by foreign host.

The command above was simple. HEAD / HTTP/1.0 followed by 2 line feeds.

The 80 specified in the telnet command is the port that you are hitting when you type http://microsoft.com/ in a browser. If another port is used you will see it after a colon. ex: http://tonycode.com:8080/ hits the server running on port 8080. If there was one. :-)

When doing GET commands you usually end up sending headers with your command. You should always send the Host header (this isn't required for HTTP/1.0 but many servers are running multiple sites so you'll want to send this.)

Here's an example of a GET against my home page.

$ telnet tonycode.com 80

Trying 208.97.136.171...

Connected to tonycode.com.

Escape character is '^]'.

GET / HTTP/1.1

Host: tonycode.com

 

HTTP/1.1 200 OK

Date: Thu, 12 Jul 2007 16:10:02 GMT

Server: Apache/1.3.37 (Unix) mod_throttle/3.1.2 DAV/1.0.3 mod_fastcgi/2.4.2 mod_gzip/1.3.26.1a PHP/4.4.7 mod_ssl/2.8.22 OpenSSL/0.9.7e

MS-Author-Via: DAV

Last-Modified: Wed, 11 Jul 2007 14:10:28 GMT

ETag: "19cf7aa-68d-4694e4d4"

Accept-Ranges: bytes

Content-Length: 1677

Content-Type: text/html

 

I spared you the full contents of my home page. Why did it return the entire page? Because we did a GET instead of HEAD.

Remembering all the headers you need can get tricky so I usually use [LiveHttpHeaders to get what I need and then I can make modifications for testing or scripting purposes.

[edit]

Scripting telnet HTTP requests

 

I recently needed to hit several production servers that lived behind a VIP. I had access to the servers directly but their behavior was controlled by the host that they were called with so if I used the machine name I was out of luck. Also, port numbers in the request would throw it off. So I needed to send http requests directly to the server and lie about the hostname I was using to access them.

Here is a script file that I run and pipe into telnet.

echo "open $1 $2"

sleep 2

echo "GET $4 HTTP/1.0"

echo "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4"

echo "Host: $3"

echo

echo

sleep 2

lets put this in a file called getpage and then we run the following

./getpage tonycode.com 80 tonycode.com /| telnet

ok. what did we just do?

getpage is sending commands on stdout and telnet is getting them via the pipe

getpage 1st tells telnet to open a connection to tonycode.com ($1) port 80 ($2).

getpage waits 2 seconds for the connection. Adjust as necessary.

getpage sends the request. GET / HTTP/1.0 and sets the host ($3) to tonycode.com.

Note $4 is the resource to fetch and we set it to /.

I even threw in the user agent header for fun.

Those 2 empty echo statements are necessary to tell the server this is the end of the request.

Finally getpage sleeps for 2 seconds to allow time for the response to come back. Leave out this line and you'll get nada.